D Ongoing Activities Update

Transcription

1 Knowledge Strategy Committee 23 January 2015 Ongoing Activities Update escription of paper 1. An update on various University-wide projects that fall within the remit of KSC. Action requested 2. KSC is asked to note this update on ongoing activities. Recommendation 3. KSC is recommended to note this update on ongoing activities. Background and Context 4. At each meeting of KSC an update is provided on projects falling within the remit of KSC which do not fall into any additional agenda items. Updates Agenda Item: 10.1 IT Security 5. There have been two security incidents of note since the last KSC meeting: 1. an that should have only been sent to a single student was sent in error to about 30 individuals. This kind of user error is not something that we can prevent at a system level. 2. a virus infestation that has had significant and serious consequences that are still ongoing. As a result we have changed our anti-virus recommendations, settings in the University supported desktop and some of our network monitoring. We need to further review the situation once these initial measures have had time to bed in. The following text is a more detailed description for information/interest. 6. On around the 28 th November an attachment was opened by a user triggering a virus. This did not come through the University system but once triggered was able to read the user s address book and ed itself to a large number of University users. These s, containing the virus attachment, appear to come from another University user therefore are much more likely to be opened, hence spreading the virus further, than an from an external source. This led to a significant number of infected machines in the institution. Once this was reported a block was placed in the relays to prevent it spreading further. 7. This particular virus is particularly difficult to detect as it is built to constantly change its signature. This means that there is always a possibility of the virus getting activated before the anti-virus software has been updated to detect the signature. A review was made, however, of our anti-virus procedures and a decision taken to

2 change to forcing a full scan on all supported machines on a weekly basis instead of the previous quick scan. 8. This provides reasonable security for our supported desktops. However, users still have to be educated to not open attachments on s unless they are sure of the originator. What we cannot give any protection against, apart from advice which has recently been completely updated are virus infections on unsupported machines in the institution. Our estimate is there are about 50% of unsupported machines and for which we are dependent upon the users themselves being far more vigilant than those who run a supported desktop. 9. This particular virus also has a further feature which has significantly increased the damage caused. On activation, it calls back to a home (of which there are many) and downloads further Trojans or spambot software. In this case a banking Trojan called ridex was downloaded onto at least 5 desktops. In four of those cases there is no evidence that the Trojan was actually activated. In the fifth case, in a desktop in Informatics, the Trojan would have appeared to have activated and stole a name and a password which was then used in an attempt to cause a fraudulent transaction. The normal finance safeguards stopped the transaction and the University was alerted to the incident by Santander. 10. This Trojan also changes its signature, to the extent that it is believed that it creates a signature that is unique to the system it is on. Thus, the anti-virus software is not capable of picking it up and at the time of writing this report new incidents are being picked up by monitoring the network traffic as it attempts to call home. 11. IS will perform a further review to see what new lessons can be learned and whether new steps need to be taken though within the constraints of the University environment our controls have kept the incident within reasonable bounds. Brian Gilmore, Chief IT Security Officer Agenda Item: 10.2 istance Education Initiative 12. All EI funding has now been distributed, totalling 34 projects across 17 schools. Monitoring of project progress will continue until early 2016 as a minimum, the projected date by which all academic projects should have launched. 13. A bid will be submitted to the next funding round in February to request funding for sustained investment in OL provisions, although not likely to the same levels of EI annual investment. 14. The EI Steering Group will remain active but parked until the outcome of the funding round is known. 2

3 15. A working group has been set up to explore the requirements post EI for OL support across the University which the EI is supporting. This group is being led by Erin Jackson and will report within the calendar year. 16. We currently have 2,210 students studying on our OL programmes. Amy Woodgate, Project Manager istance Education Initiative Agenda Item: 10.3 MOOCs 17. The University has a portfolio of 21 live courses and a further 3 soon to be announced. In autumn 2014, we achieved an impressive 1million learner enrolments and with new courses now available, this figure is likely to grow substantially. 18. Edinburgh hosted the recent FutureLearn Academic Network and various events with our platform providers. The community is growing and we have engaged more than 80 academic staff directly with mooc development and trained over 70 teaching assistants. 19. There will be Edinburgh representation at the Coursera annual conference in March 2015 and panel proposals have been submitted (awaiting outcome shortly). 20. The U21 pilot ran successfully in November with 1,360 participating students from more than 7 U21 institutions. The pilot will run again in March 2015 for southern hemisphere colleagues and the steering group will report on the success in May 2015 to the U21 Board to identify longer-term online learning collaborations across the partnership. Amy Woodgate, Project Manager MOOCs Agenda Item: 10.4 Business Intelligence/Management Information Project 21. Craig Middlemass started as the new BI/MI Programme Coordinator on 5 th January. Craig will be coordinating the initiatives and acting as secretary to the ata Governance Group. 22. Members for the ata Governance Group have been selected and apprised of their first meeting which will be held on 26 January This meeting will focus on a discussion of an outline of the planned work; the group s roles and responsibilities; and agreement on participation in each of the initiatives. Following this scoping meeting a report will be provided to the BI/MI Programme Board to seek approval of the membership and remit of the ata Governance Group. 23. Guidance provided by the ata Governance Group and the work completed to date is being used in the IS Applications planning round to establish which proposals have a BI/MI implication. This guidance can be used to help look at the University s proposed projects across the board, in particular those that directly develop and improve reporting solutions; and projects that will produce information that may be valuable to the whole institution. 3

4 24. The first few months will be crucial in laying the foundations for the next 2-3 years of collaborative working and engagement, to build the University s capacity in relation to Business Intelligence and Management Information. Craig Middlemass, BI/MI Coordinator Agenda Item: 10.5 Student Systems Roadmap 25. The Student Systems Roadmap was approved by the Student Systems Board in October 2013, following a period of development and widespread consultation. The roadmap can be accessed at: https://www.projects.ed.ac.uk/webfm_send/2566 Student Systems Priorities 2014/ Attendance & Engagement Monitoring: Further work required to support schools, look at more effective ways to use data from other systems (LEARN, Personal Tutor; SMART) to avoid manual effort and more effective ways of capturing data within Schools. 27. Assessment & Progression: medium term project which will ultimately replace SMART system. This year the focus is on providing tools which will support schools in the communication of progression decisions, and the management of the student record. This will be followed through the roll out of tools which will support the overall communication and administration of the students summative assessment including exam boards. 28. Research Postgraduate Administration: this year a focus on short-term enhancements to provide tools to support key administrative processes and MI extracted from the system by Schools. This work will ultimately feed into the Postgraduate Researcher Experience Project (PREP) which is being developed by Prof. Jeremy Bradshaw and the REC. 29. Programme & Course Information Management: developing the system to support the implementation of the project which is looking to enhance the quality of and presentation of course and programme information presented to students. This year the focus is at course level. 30. Use of student data: aligning activity with the MI/BI Project, developing central reports to support key processes (admissions, progression, attendance and engagement monitoring). Looking at opportunities to enhance the use of external data, internally (KIS, HESA and HEII) and work with Schools to understand what key roles need from the student data set a focus on roles and tasks. Medium Term 31. The Student Systems Board had an initial look at priorities for 2015/16 and subsequent years at its meeting in ecember. ecisions on priorities will be made in March

5 32. The Student Systems Board identified a number of areas where further research and recommendations are required to help set the strategic direction of student systems. These include: 33. Task & Tools: Student, Personal Tutor, School Administration. In turn focus on the tasks and processes that users engage with and prioritise the areas where enhancement of the systems and MIBI will enhance the effectiveness and efficiency of the tasks undertaken. 34. Use of data/student use of data: Linked to MIBI Project, the way student data is used to support students, key processes and key roles within Schools and Professional Services. Review our approach to open data and our approach to communication and sharing of data with students. 35. Scenario Planning: undertake some scenario planning in light of the emerging learning & teaching vision mean, student experience vision and the future size and shape of the University. 36. Measures/Metrics: enhance use of student systems data to measure and improve our processes and systems and understand needs of users. 37. A broader review of the Student Systems Roadmap will be undertaken in June 2015 as it approaches the end of the second of the three year period it initially covered. Barry Neilson, irector of Student Systems Resource implications 38. There is no additional resource implication not considered within the project remits of the projects listed in this paper. Risk Management 39. There are no additional risks not considered within the project remits of the projects listed in this paper. Equality & iversity 40. There are no additional equality and diversity impacts not considered within the project remits of the projects listed in this paper. Next steps/implications 41. There will be a further update on these activities taken to the next meeting of Knowledge Strategy Committee. Consultation 42. Knowledge Strategy Committee is the location for any discussions based on this paper it has not been circulated to any other committee. Further information Author Siobhan MacInnes 5

Audit and Risk Management Committee 26 th February 2015 IT Security Update Description of paper 1. The purpose of this paper is to update the Committee on current security issues and what steps are being

Information Services Information Technology Committee 10 th June 2014 ITC Workplan for 2014/15 Brief description of the paper The paper is a combination of a committee workplan for 2014/15 and a report

The University of Edinburgh Minutes of the meeting of Senatus Quality Assurance Committee (SQAC) held at 2 p.m. on Thursday 23 rd October 2014 in the Raeburn Room, Old College Minutes are draft until approved

LTC: 12.01.10. H/02/25/02 Minutes of the meeting of Senatus Learning and Teaching Committee held on Tuesday, 12 January 2010 at 2.15 p.m. in the Chancellor s Board Room, Royal Infirmary of Edinburgh, Little

Individual Executive Member Decision Title of Report: Report to be considered by: Date on which Decision is to be taken: Forward Plan Ref: Purpose of Report: Community Learning Supply Chain Charges and

QASL 24/3 Quality Assurance for Massive Open Online Courses Purpose This paper outlines the quality assurance processes that will be utilised by the International Programmes for Massive Open Online Courses

FREQUENTLY ASKED QUESTIONS (FAQs) ABOUT THE MA PRIMARY EDUCATION WITH DEGREES. 1. Why is Teacher Education Changing? page 2 2. What is new in Scottish policy on Initial Teacher Education? 2 3. What has

Wireless Registration Instructions Gettysburg College will be implementing a requirement for all wireless computers and devices to be registered on the wireless network. All Users, including guests, will

LIBRARY COMMITTEE Wednesday 11 th May 2016 Library support for online and distance learners (ODL) Description of paper 1. This paper provides a summary of resources, services and support provided for online

How to build and use a Honeypot By Ralph Edward Sutton, Jr DTEC 6873 Section 01 Abstract Everybody has gotten hacked one way or another when dealing with computers. When I ran across the idea of a honeypot

Information Security A staff guide to the University's Information Systems Security Policy Issued by the IT Security Group on behalf of the University. Information Systems Security Guidelines for Staff

ISA Work Programme SECTION I TABLE OF CONTENTS INTRODUCTION...4 1. THE CONTEXT...4 1.1. The need for the ISA programme...4 1.2. The political context...4 2. THE ISA PROGRAMME...5 3. THE EUROPEAN INTEROPERABILITY

For discussion on 27.5.2004 AOM-P325 Hospital Authority Enhanced Contingency Planning for IT System Failures Purpose This purpose of this paper is to highlight enhancements to HAHO and IT Contingency Planning

MIND IN CROYDON POLICY ON TRAINING AND DEVELOPMENT OF STAFF Mind in Croydon recognises that its most important resource is its employees and is committed to the training and development of its entire workforce

Information Services Knowledge Strategy Committee 16 June 2009 University Website Development Project Brief description of the paper This paper provides an update to KSC on project progress for the University

Level 4 Diploma in Hospitality Management (7148-41) Candidate logbook 600/6626/X www.cityandguilds.com June 2013 Version 1.0 About City & Guilds As the UK s leading vocational education organisation, City

APPENDIX 1 Moray Council Adoption Plan Review: - November 2013 Next Review: - September 2016 Adoption Plan 18.12 2013 Page 1 of 15 Introduction The Moray Council believes that children should be brought

Mossbourne Community Academy ICT, INTERNET AND EMAIL GOOD PRACTICE POLICY This policy document sets out the school's aims, principles and strategies for the cross curricular delivery and use of Information

What you can do prevent virus infections on your computer A computer virus is program code which 'hides' in other files and can cause irreparable damage to your computer. Computer viruses spread easily

Teaching an all Master s profession: Implications of the new TDA s CPD MTL National Framework for schools Overview of the New National Framework for the Masters in Teaching & Learning (MTL) The new Masters

Digest of MOOC (Massive Open Online Courses) related activities Purpose Paper LTAS20.5 is submitted to the LTAS to provide an update on the recent MOOC activities overseen by the University of London International

Performance improvement through the application of Lean principles and change management methodology Introduction Lean principles and their supporting tools are widely acknowledged to provide an effective

UNIVERSITY OF LEICESTER RISK MANAGEMENT POLICY (Revised October 2015) 1. This risk management policy ( the policy ) forms part of the University s internal control and corporate governance arrangements.

1 Report to the Higher Education Academy Psychology Network Mini-project Scheme Try your career on for size : Web-based tool to enhance students work placement experience Dr Letitia Slabu, University of

MARCH 2012 Version 1.10 Strategic Risk Policy Update March 2012 v1.10.doc Document History Current Version Document Name Risk Management Policy Statement and Strategic Framework Last Updated By Alan Till

Department for Business, Innovation and Skills: equality objectives Achievements Externally, we have: Implemented a framework to ensure the widest possible access to HE Completed the first stage of the

Executive MSc 2 About Heriot-Watt Heriot-Watt is one of the UK s leading universities, with an international reputation for outstanding teaching and research in our specialist areas of science, engineering,

Analyzing Security for Retailers An analysis of what retailers can do to improve their network security Clone Systems Business Security Intelligence Properly Secure Every Business Network Executive Summary

Foundation degree in healthcare practice Lynn Clark Practice Tutor K117 OU in the East Midlands Today s introduction The programme and possible qualifications Learning with the Open University Staff roles

Standards and Guidelines for Quality Assurance in the European Higher Education Area (ESG) Approved by the Ministerial Conference in May 2015 by European Association for Quality Assurance in Higher Education

What are Viruses, Trojans, Worms & Spyware: There are many different types of computer viruses circulating in the cyber world, including regular Computer Viruses, Worms, Trojans, and Spyware. Each is different

Response to the School Based Review in the School of Hospitality Management and Tourism Background: The School of Hospitality Management and Tourism was reviewed in April 2008. This was the second School

MANAGING DIGITAL CONTINUITY Project Name Digital Continuity Project DRAFT FOR CONSULTATION Date: November 2009 Page 1 of 56 Contents Introduction... 4 What is this Guidance about?... 4 Who is this guidance

A commitment from The Children s Plan Your child, your schools, our future: building a 21st century schools system SUMMARY Building a 21st century schools system Summary 1 Summary Chapter 1 Our ambition

Derbyshire Constabulary Stop & Search Plan January 2016 This action plan sets out the recommendations made in four reports. They are designed to improve our stop and search encounters, creating greater

WildFire Reporting When malware is discovered on your network, it is important to take quick action to prevent spread of the malware to other systems. To ensure immediate alerts to malware discovered on

Standards and Guidelines for Quality Assurance in the European Higher Education Area (ESG) Endorsed by the Bologna Follow-Up Group in September 2014 Subject to approval by the Ministerial Conference in

EQUIINET WHITE PAPER Virus Scanning at the Internet Gateway The Internet has made information available to more people more quickly than ever before. While overwhelmingly positive in general, the downside

EMBEDDING SUSTAINABILITY SELF-ASSESSMENT Embedding Sustainability Self-Assessment This document is licensed under a Creative Commons Attribution-ShareAlike 4.0 International License. You are free to share

Appendix 1: Performance Management Guidance The approach to Performance Management as outlined in the Strategy is to be rolled out principally by Heads of Service as part of mainstream service management.

CITRUS COMMUNITY COLLEGE DISTRICT GENERAL INSTITUTION AP 3723 ELECTRONIC MAIL AND BULK ELECTRONIC DISTRIBUTION 1.0 Purpose Citrus Community College District electronic mail (email) services support the

CONCORDAT IMPLEMENTATION UNIVERSITY OF ABERDEEN HR EXCELLENCE IN RESEARCH AWARD TWO YEAR INTERNAL REVIEW PROGRESS REPORT. The University of Aberdeen received the HR Excellence Award for Excellence in December

3 June 2014 Education and Training Advisory Board 5 To consider Education surveys plan 2014-17 Issue 1 With the success of the National Training (NTS) there have been calls to expand the use of surveys